Failed authorization procedure. Multiple virtualhosts apache

That looks to me like the console output rather than contents of the log file.

There it is

Thanks! @bmw, would you mind taking a look at this log?

From your pastebin:

"Invalid response from \"\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"en\"\u003e\n\u003chead\u003e\n \u003c!-- Simple HttpErrorPages | MIT License |\\"",\n "status": 403

Status code 403 is forbidden.

Have you placed a test.txt file in the acme-challenge folder?

Yes, I would remove letsencrypt and keep certbot.

As I mentioned above in

that test is only relevant for problems with --webroot, not with the recently-added functionality of --apache. @olokos is trying to use --apache, so the test method you suggested won't provide relevant diagnostic information in this case.
It’s still accessible since you mentioned trying it out.

Hi, you could try adding --debug-challenges to your Certbot command line. This causes Certbot to pause the execution after it has deployed its challenge directives to your Apache configuration. The statements should take priority over the requests coming to /.well-known/acme-challenge paths, and serve those from under directory /var/lib/letsencrypt/http_challenges instead. While in this state, I would like you to:

  • Confirm that the temporary Include statement was added to your <VirtualHost> configuration for the domain.
  • That the correct validation token exists in /var/lib/letsencrypt/http_challenges
  • That you are not able to access the challenge token URL yourself.

Running Apache on CentOS 6, 2 hosts were failing certbot renewal with vague reference to dns problem. When the last successful renewal ran, there were incorrect IP addresses in “” and another file. My solution was to run “certbot-auto revoke --cert-path /etc/letsencrypt/archive/” and then run “/usr/local/sbin/certbot-auto” again and re-entered the fqdn and webroot values.

Include /etc/apache2/le_http_01_challenge_pre.conf
2 files with random numbers and lettters, they do look like a key
These tokens dont look like urls so how would I go about accessing them?

Prefix them with and and then try to access them with a web browser and/or curl.

I just tried and if I do[tokennumbers] it returns 404 error

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

The issue still remains. Anybody can help?

Please show:
which certbot
sudo certbot --version
grep -Eri 'challenge|olokos|servername|serveralias|virtualhost|rewrite' /etc/apache2

Sorry, I missed notification.

certbot 0.22.2


Hi there,
I have the same issue on a specific page here. All other pages on the same server work fine.
I tested it with the --debug-challenges parameter and it seems that certbot isn't able to or just doesn't create the file. (I created the acme-challenge directory with 777 permissions and checked that directory via browser while running certbot with the debug-parameter.

Here is my terminal-log with the additional -v parameter:

Thanks a lot for your help in advance. I've been looking for a solution to this for over 3 hours now :confused:

Hi @webfreak

your directory works:

But can you create a file there (name 123456789 without extension) and test, if the file works? There may be a redirect or rewrite rule.

I tried that.
Creating a file and open it via a browser works.
But the certbot isn’t creating a file there. (the debug-challenges parameter was used to check at the stop it creates)